Customers of BT Retail's new superfast 'up to' 40Mbps (soon to be 80Mbps) BT-Infinity broadband service are being sent a new and "even better" VDSL2 / FTTC modem (Huawei EchoLife HG612) for free. A letter to affected users states that the new modems will "improve your broadband connection", but in reality they're just replacing faulty kit with a working version.


The situation, which The Register picked up on today, isn't as recent as the report suggests. After some digging we quickly discovered that it had been going on since around November 2011 and the even earlier discovery of a serious overheating fault that could cause a "total loss of service".

ISPreview.co.uk understands that the letters are being sent out to everyone who was supplied with an "Openreach Modem" as part of their BT-Infinity order before August 2011. So those who received the kit after that date should be fine.


The "new" and "better" modems (not to be confused with BT's separate HomeHub routers) are virtually identical to the old models but include the new fix and a Version 2 or Version 3 style label on the bottom (many of last year's replacements are marked V2).

It should be stressed that there is no risk of the overheating problem causing a fire, although it does crash the modem and can do tiny amounts of damage over time that might prevent the kit from working.

The Lancashire County Council (LCC) appears to be steaming ahead with its own £32 million Local Broadband Plan (LBP) after an allegedly "exhaustive procurement process" officially selected BT to help 97% of the county get superfast broadband ISP speeds of over 30Mbps by 2014; one year ahead of the national UK target.

Lancashire's Public Sector Funding Breakdown:
• £10.8m from Broadband Delivery UK (BDUK)
• £16.5m from the European Regional Development Fund (ERDF)
• £4.7m from Lancashire County Council (LCC)

Some £500,000 of the money will also be set aside to help the last 3% receive access to download speeds of at least 2Mbps (Universal Service Commitment). Another £3m will be used to help small and medium sized businesses get the best out of superfast broadband.

The investment, which is expected to be matched by cash from BT (this will be in addition to its £2.5bn strong pot), will be targeted at approximately one third of the county where there are currently no existing or future commercial plans for a superfast service (at least none according to the council).



Critics of BDUK's process often fear that the bulk of investment will end up going towards BT instead of alternative operators, such as Fujitsu's Open Access Wholesale Network (OAWN) project (here). At this stage it's still too early to be sure how things will progress more nationally, although today's news and other recent developments (here) will surely fuel concerns.

At the same time BT has always been a serious player and one most likely to win a sizeable chunk of the fund, especially given BDUK's sometimes questionably strict criteria for entry (small ISPs = no). Thankfully rural Lancashire still looks likely to benefit from alternative projects like those from B4RN (here) and Fibrestream (here).

UPDATE 1:29pm

Small correction. BT informs that its private sector investment will be in addition to their £2.5bn money and not part of it.

The European Commission (EC) has officially closed its internet privacy infringement case against the UK, which was launched in April 2009. The case followed concerns about a company called Phorm and its ability to monitor what websites broadband ISP customers were visiting for use in targeted advertising campaigns.

Phorm's service, which was initially trialled without customers consent by BT Retail, controversially used Deep Packet Inspection (DPI) technology in a way that many likened to Spyware. The firm was eventually forced to abandon its UK plans after a swathe of negative publicity made the service too hot for ISPs to handle.

At the same time Europe launched a related case against the UK for failing to fully implement its internet and email privacy rules (ePrivacy Directive 2002/58/EC and Data Protection Directive 95/46/EC). Last year the UK amended its national legislation (Regulation of Investigatory Powers Act 2000) so as to prevent interception of users' electronic communications without their "explicit consent" (detailed here).


The UK's new rules also established an additional sanction and supervisory mechanism to deal with breaches of confidentiality in electronic communications, yet it should be said that the amended rules have made an exception for network management purposes (e.g. Traffic Management, anti-spam systems etc.); this is partly what seems to get TalkTalk's sometimes controversial HomeSafe service (here) off the hook.

The UK governments Department of Culture, Media and Sport (DCMS) confirms that a further £100 Million of European funding has been "unlocked" to support the rollout of superfast broadband ISP services into rural areas. At the same time a new local authority progress report reveals that three "councils seem to have slipped behind schedule" and are at risk of having their funding withdrawn.

The Broadband Delivery UK (BDUK) office wants 90% of people to be within reach of a superfast broadband (24Mbps+) service by 2015 (the last 10% will get at least 2Mbps). An initial budget of £530m was set aside to support this, although a further £100m was added for super-connected cities (here) and today's extra money gives a new total of £730m.

On top of that it has long been known that BDUK's budget could rise by £300m if the plan needed to be extended until 2017 (total spend of £1.03 Billion). This extra money would be extracted from the BBC's TV Licence Fee (i.e. the 3.5% Digital Switchover Budget), although at present no firm decision has been made.


According to Vaizey, most local councils look set to have their "draft" Local Broadband Plans (LBP) approved by the governments deadline (end of February 2012) and some, such as the plan for Wales, have already been cleared. The final plan then "needs to be agreed" by the end of April 2012.

Overall most of the 47 related projects are now ready to begin taking superfast broadband to homes and businesses in their area. A new geographic UK map of progress shows this best. Sadly not everybody is doing so well.

The governments report marks 13 local authorities as being at a "medium" (amber) risk of missing the deadline. On top of that 3 local authorities are marked as red and thus most at risk of having their funding pulled due to not meeting the timetable.

RED Local Authorities

* Knowsley, Liverpool, St. Helens, Sefton, Wirral

* Newcastle upon Tyne, North Tyneside, South Tyneside, Sunderland

* Bath and North East Somerset

Nobody will be surprised to see Bath and North East Somerset (BNES) listed as their local problems have been well covered in the news (here), although Liverpool and a few of the others will certainly raise some eyebrows.


It's unclear what would happen if councils lose their funding, although in December 2011 the government proposed to run a national procurement for areas that were not ready by the end of July 2012. This suggests that the already allocated funding (detailed here) would still get spent, albeit not by the council.

The government expects that most councils will match its funding from their coffers and that this will then be doubled (match-funded) again by the private sector. However several recent reports, such as this week's briefing from Socitm (here), have warned that some local authorities are struggling to find the needed cash.

BTOpenreach, which governs access to BT's local and national UK telecoms network, has announced a significant expansion of its superfast 100Mbps fibre optic Fibre-to-the-Premises ( FTTP ) broadband ISP technology pilot in High Rise Buildings (e.g. big city apartment blocks).

At present the pilot, which was first announced in November 2011 (here), only covers a small number of buildings (e.g. West India Quay, Canary Riverside and Port East) in the Isle of Dogs (East London) area.

BT has confirmed that they're now looking for a further 1,000 buildings to take part in the pilot, which must exist within the operators existing FTTP footprint and have the required level of registered demand. Other factors, such as the co-operation of landlords and the economics of deployment, will also play a part.


BT claims that its FTTP service, which will soon be upgraded to offer download speeds of 300Mbps (Spring 2012), can provide end users with "the fastest commercially available speeds in the UK for a residential connection". In fairness Hyperoptic can already deliver speeds of 1Gbps to residential connections (here) but its coverage is even smaller and now looks to be under serious pressure from BT's expansion.

The first pilots of BT's high rise FTTP building service are due to begin in March 2012 with the Isle of Dogs apartment blocks. Landlords of similar buildings can register their interest in taking part here, while residents should go here.

The Internet Telephony Services Providers' Association (ITSPA), a UK trade body for the VoIP industry, representing network operators and service providers, has released a new review that slams three of the country's five Mobile Network Operators (MNO) for using Terms and Conditions (T&C's) that "prohibit the use of VoIP and other streaming services in a substantial number of their tariffs".

ITSPA's review - 'VoIP and Mobile Network Operators' - highlights Vodafone , T-Mobile and Orange as being the worst offenders. However the group was still able to make successful over-the-top VoIP (e.g. Google Voice, Skype) calls on almost all UK networks, once the right package was found, with the exception of T-Mobile.


The review further concluded that it was "reasonable" for customers buying Mobile Broadband / Smartphone data bundles to "expect to be able to use them for low speed (<100kbps) streaming services", at least unless they are "clearly excluded" at point of sale.

In reality many mobile operators are keen to defend their lucrative voice calls and as a result Skype is often seen as a rival. On the other hand.. Skype isn't a data hog like video streaming but it can still gobble up capacity over longer periods of use.


The issue, which was picked up by Timico's CTO Trefor Davies, slips rather neatly into the tricky debate around Net Neutrality (the principal of treating all internet traffic as equal) and whether or not the UK / EU governments need to impose tougher regulation to ensure non-discrimination.

In relation to that the UK government's Communications Minister, Ed Vaizey, has just had to reschedule this week's Net Neutrality Roundtable meeting with ISPs and MNOs for 28th March 2012. Apparently operators were expected to produce a related Voluntary Code of Practice at the meeting but it's not quite ready yet (example).

FibreSpeed, which operates a superfast fibre optic network in North Wales (UK), has joined forces with Welshpool-based ISP Exwavia to bring faster wireless ( Wi-Fi ) broadband speeds into the Cefn Coch and Adfa areas of Powys.

Some 68 previously isolated local homes and businesses can now receive a minimum internet download speed of 4Mbps (Megabits per second) via their wireless connections and more are expected to follow.



Prices for the new service start at £20 per month, although the set-up costs can range up to around £1,000! Happily many of the locals were able to take advantage of the Welsh Government's (WG) Broadband Support Scheme (details), which offers grants worth up to £1k for those with speeds that are consistently below 2Mbps.

The controversial Anti-Counterfeiting Trade Agreement (ACTA), a treaty that aims to establish a broad new range of international copyright enforcement standards (e.g. such as through broadband ISPs or at airports etc.), has today been officially signed by the European Union (EU) and 22 of its Member States at Japan's Ministry of Foreign Affairs.

Critics of the treaty claim that it risks turning internet providers into an unofficial copyright police force, among many other things, and has been allowed to bypass normal due process. The latter complaint is often made because of ACTA's questionable status as a "trade agreement", which doesn't attract the same degree of government scrutiny.


In fairness ACTA has since been watered down (here) and now contains some additional, if admittedly ambiguous, references to preserving fundamental principles (i.e. freedom of expression, fair process and privacy). Crucially the European Commission (EC) stated last year that "neither personal searches nor the so-called ‘three strikes’ [ISP piracy warning letter] procedure will be introduced" by ACTA. But that hasn't quelled all of the concern.


So far none of this has stopped the EU, Australia, Canada, Japan, South Korea, Morocco, New Zealand, Singapore and the United States from signing up (Germany, Netherlands, Estonia, Cyprus and Slovakia did not sign); with more to follow. It's also unlikely to have a huge impact upon UK ISPs because our domestic law (Digital Economy Act), which is still being held up by technical and legal challenges, are already considerably more advanced.

Attention will now turn to the European Parliament (EP), which still has the power to block ACTA but it probably won't. The parliament already cleared the final text back in November 2010 (here) when they described it as a "step in the right direction". A final vote is due before June 2012.

UPDATE 27th January 2012

Kader Arif, whom was appointed by the European Parliament (EP) to investigate ACTA, has quit his role as rapporteur and launched a scathing attack on the treaty. It certainly makes for an interesting read.


Ouch.

Transport for London (TfL), a UK public authority with responsibility for most aspects of London city's transport system (e.g. roads, railways etc.), have successfully prosecuted both BT and Cable & Wireless (C&W) over a string of "badly managed roadworks".

The Westminster Magistrate's Court handed down several thousand pounds worth of fines to both firms for a raft of failings that included working without a permit, breach of permitting conditions and failure to correctly notify TfL promptly of works taking place.

The TfL Infringements

* BT was prosecuted for infringements at various locations on TfL roads including: Stamford Hill, Marylebone Road, Blackwall Tunnel, Eastern Avenue and Gunnersbury Lane. They were fined a total of £3,765 and ordered to pay TfL's costs of £5,050.

* Infringements by Cable & Wireless occurred on Lambeth Palace Road and Great Eastern Street. They were fined a total of £1,000 and ordered to pay TfL costs of £2,815.

It's understood that BT pleaded guilty to six counts, while C&W pleaded guilty to two offences. TfL claims to have won £20,000 over the past 12 months in similar cases against utility companies for eight separate offences.


Sadly roadwork's don't always go to plan and utility firms often hire 3rd party contractors to do such work. Many of those can be tempted to cut corners, which sometimes results in serious mistakes. Needless to say that the huge drive to deploy a new generation of superfast fibre optic broadband ISP services around the UK will only make such occurrences more common.

A few months back the Office of the Scottish Road Works Commissioner (OSRWC) directly accused both BT and Virgin Media of having the highest failure rate of all companies in Scotland (here). Apparently 26% of all works tested failed their inspections.

UPDATE 11:20am

A BT spokesperson told ISPreview.co.uk that "Openreach takes any infringement very seriously and we are working hard to ensure there are no further lapses."

A new online survey of 2,124 UK adults from UK2 and YouGov has claimed that 56% of respondents could be putting their computer/phone security at risk by failing or only "rarely" checking whether a public Wi-Fi (wireless internet) network is encrypted (secure) before use.

The study claims that public Wi-Fi Hotspots, such as those in coffee shops, pubs, airports or hotels, are often unsecured connections that could expose personal data or leave devices open to online threats (e.g. malware, spyware and cyber-snooping). The company that hosts the hotspot could also be blamed if any copyright content is downloaded over their connection.


Thankfully the study also reveals that 86% of online adults who accessed Wi-Fi at home do take measures to ensure that their wireless connection is secure. Here are a few more highlights.

UK2 Wireless Security Survey Highlights

• 45% of UK WiFi users could be putting their passwords and data at risk by using public WiFi to log-in to email, 37% access Facebook and 14% even log-in to online banking.

• 15% of the UK’s public WiFi users have entered credit or debit card details over a public WiFi network.

• 40% of all online UK adults worry about cyber-snooping.

• But 42% of all online UK adults who ever use public WiFi never or only “rarely” check whether or not a WiFi network is secure before use.

• Whereas 86% of all online UK adults who ever access Wi-Fi at home take measures to ensure that their WiFi at home is secure.

• 42% of all online UK adults would use public WiFi more often if they could guarantee the security of their data.

• 67% do not know what a VPN is, and are therefore unaware of how a Virtual Private Network could make their data usage more secure.

• And 68% of smartphone owners do not even know whether or not their smartphone has a VPN function.

As per usual UK2's real reason for commissioning the survey is to launch its new VPNHQ service, which will quickly and easily enable users to set up an encrypted VPN (Virtual Private Network) connection. It also helps to mask your identity online.

At present there's no real shortage of VPN services around, thus VPNHQ is attempting to entice customers by making its service available for free.. well at least for an unspecified "limited time". After that it'll cost you £4 per month. But don't buy its claims of "Unlimited" Internet Speed as VPN's can only ever go as fast as your physical connection.

Mobile group Everything Everywhere ( Orange and T-Mobile ) and BT (BT Wholesale) have agreed with Ofcom to extend their Cornwall (South Newquay) based trial of superfast 4G Long Term Evolution ( LTE ) Mobile Broadband technology until the end of June 2012 (this runs in the 800MHz spectrum band).

The trial, which began in October 2011 (here) and has so far focused on several hundred users in rural St. Newlyn East, was originally supposed to end during "early 2012" but the operators now want more time "to investigate the application of 4G LTE in rural areas".

People in the affected area previously had either no or very poor fixed line broadband ISP download speeds of up to 2Mbps, although trialists have managed to attain an average speed of 7Mbps. That's just above Ofcom's national UK fixed line average of 6.8Mbps and miles ahead of Mobile Broadband's 1.5Mbps.



Both operators, with support from technology partners Nokia Siemens Networks and Huawei, claim the trial is "successfully demonstrating" that fixed and mobile technologies can work together to provide an effective rural broadband service.

Unfortunately the 800MHz (790-862MHz) band, which had previously been used for the delivery of old analogue TV services, will not be auctioned off until Q4-2012 and it will then take another year or so for the release process to complete. As a result St. Newlyn East, after the current trial, might be left in the dark for awhile.

UPDATE: The problem has now been fixed (scroll to the bottom for more). Customers of O2 UK's Mobile Broadband services may be displeased to learn that their private phone numbers are allegedly being exposed to every website they visit from within the connections HTTP headers.

HTTP headers are used seamlessly every time you request to access a website. They tell the web server a little about how it should handle your connection (e.g. your language, what web browser you use, what web page you've requested etc.). So far.. so normal.

However Thinkbroadband and several customers have now confirmed that the HTTP headers being sent by at least some of O2's mobile internet connections also appear to be including the customers personal phone number! As a result any savvy web server admin could easily catch and extract this data for abuse.


Thinkbroadband notes that the issue appears to be sporadic and doen't affect every connection, which could suggest a problem with the setup of O2's mobile proxy servers. Note that none of this affects O2's fixed line Home Broadband customers, only its mobile users.


At the time of writting we're still awaiting a reply from O2 and that should come soon. In the meantime mobile users might want to consider using the Opera Mini web browser, which speeds up web browsing by using its own proxy and thus should not expose your phone number to web servers.

UPDATE 10:29am

O2 has told ISPreview.co.uk that they are "investigating" the problem and promise to report back as soon as they can. In the meantime we're seeing more emails, tweets and comments from people whom have spotted the same problem on their connections. We just asked a family member to test and they found it too. We'll update again soon.

UPDATE 12:43pm

Customers of O2's Virtual Network Operators (MVNO), such as GiffGaff and Tesco Mobile, also appear to be reporting the same problem. Meanwhile O2 user and system admin, Lewis Peckover, has setup a simple test to see if your connection is affected (only applies to O2 users): http://lew.io/headers.php .


Everybody is still waiting for O2 to respond and even the mainstream media has picked up on this now.

UPDATE 12:54pm

More bad news. According to Sophos, a German student (Collin Mulliner) first exposed the exact same security problem almost two years ago (March 2010) when he gave a presentation - 'Privacy Leaks in Mobile Phone Internet Access' - to the CanSecWest conference in Vancouver. Take note that the sites security certificate (above link) seems to be out of date. We've also added a video of the problem above.

UPDATE 2:22pm

The problem, which has been known about for two years (see above), now finally seems to be vanishing from some affected connections. Mind you we saw this earlier when others were still suffering from it.

No official update from O2 yet, although they continue to tell customers that "this sort of thing is very serious to us" (O2 Twitter) and is being treated "as a priority". We suspect that they're attempting to fix it before making any kind of announcement.

UPDATE 2:43pm

The BBC News has managed to grab a comment from the government's Information Commissioner's Office (ICO), which is worth a read.


It's worth noting that many web servers also log http headers as part of normal processes (they usually don't contain anything of real worth) and some reports suggest that a few web masters are finding reams of personal O2 mobile phone numbers in those. We had a quick check of our own logs but they only store the standard request fields and not the O2 related ones.

UPDATE 4:18pm

O2 claims to have officially fixed the problem at 2pm today and has now explained what happened, which is much as we reported above. The operator also claims that the problem, which was apparently due to "technical changes" that occurred during "routine maintenance", began on 10th January 2012. During this period "there has been the potential for disclosure of customers’ mobile phone numbers to further website owners".


Furthermore O2 has said that it's in touch with both the ICO and Ofcom over the incident, which has caused significant concern among many of their mobile internet users. A set of Q&As has been posted to answer some common questions.